[Bug 221613] pw expire_days have a bug

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221613

Andrew Daugherity <andrew.daugherity at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |andrew.daugherity at gmail.com

--- Comment #3 from Andrew Daugherity <andrew.daugherity at gmail.com> ---
I can confirm this is still an issue on 12.1.

I have in /etc/login.conf:
default:\
        [...]
        :passwordtime=1y:\
        :warnpassword=7d:

But this was not applied to newly-created accounts (regardless of using either
adduser or "pw useradd"), which had 0 in the sixth field of master.passwd,
meaning password expiration was ignored.

I first tried editing adduser.conf, adding 'upwexpire=1y', but then creating
users failed with the error "pw: Invalid date".  (I guess adduser calls pw
useradd internally, which makes sense.)  I then tried the example straight out
of adduser.conf(5) of 'upwexpire=91d', which also fails.  A bare number does
work, but gets copied directly to the change field of master.passwd, rather
than being converted to epoch-relative time.

Similarly, setting 'password_days = 365' in pw.conf, makes users get a literal
365 in master.passwd, just like Andres' report.


Workaround: Don't set password_days in pw.conf, but immediately after user
creation, set the expiration time with "pw usermod -p"; date(1) can help
convert relative dates to the epoch format, e.g. for 60 days in the future:
    pw useradd $USER ...
    pw usermod $USER -p `date -v +60d +%s`

-- 
You are receiving this mail because:
You are the assignee for the bug.